Prior to the development of this software, threat information was too complex and cumbersome to share, limiting its application in operational environments. The new software standardizes collection via Structured Threat Information eXpression (STIX) and converts complex data on cybersecurity vulnerabilities into a visualization that is easy to understand and act on. With STIG, utility owners and operators have a common system for sharing threat intelligence information, thus increasing the chances of detecting and mitigating cyber exploits before they lead to a cyberattack.

By releasing the open-source code on GitHub, INL researchers hope other developers will take on the challenge of making the tool even better and ultimately help better protect the nation’s critical infrastructure systems.